using iptables to close port instead of stopping services
Hi,
Would you say from the iptables extract that I have correctly set the firewall to drop everything to and from ports 111, 631 and 32768 (xinetd)? I know how to stop services. Just learning about shorewall, so a confirmation would be great. Thanks

Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp dpt:111
DROP tcp -- anywhere anywhere tcp dpt:631
DROP tcp -- anywhere anywhere tcp dpt:32768

Output from nmap
PORT STATE SERVICE
111/tcp open rpcbind
631/tcp open ipp
32768/tcp open unknown

# shorewall version
2.0.8

Jul 7 05:56:19 localhost shorewall: Policy for net to loc is DROP using chain net2all
Jul 7 05:56:19 localhost shorewall: Policy for net to fw is DROP using chain net2all
Jul 7 05:56:21 localhost shorewall: Policy DROP for net to fw using chain net2all

Regards
Ports 111, 631 and 32768 are open. You can use a rule as follows from a script:
Code:
SERVER_IP="xxx.xxx.xxx.xxx"
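An added example, not part of either post: a shell cross-check of the chain listing against the scan result, using the listing and nmap output quoted in the question as sample data. The function names and the `NO-MATCH` marker are hypothetical; it assumes numeric `dpt:` values and only evaluates rules whose source and destination are `anywhere`.

```shell
#!/bin/sh
# Sample data copied from the question post.
CHAIN_LISTING='Chain net2fw (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP tcp -- anywhere anywhere tcp dpt:111
DROP tcp -- anywhere anywhere tcp dpt:631
DROP tcp -- anywhere anywhere tcp dpt:32768'

NMAP_OUTPUT='PORT STATE SERVICE
111/tcp open rpcbind
631/tcp open ipp
32768/tcp open unknown'

# first_verdict LISTING PROTO PORT
# Print the target of the first rule that would match a NEW connection to
# PORT/PROTO, or NO-MATCH if the packet falls through the listed rules.
first_verdict() {
  printf '%s\n' "$1" | awk -v proto="$2" -v port="$3" '
    NR <= 2 { next }                               # chain name and column header
    $4 != "anywhere" || $5 != "anywhere" { next }  # assumption: unrestricted rules only
    /state / && !/NEW/ { next }                    # RELATED,ESTABLISHED never matches a first packet
    $2 != "all" && $2 != proto { next }            # rule is for another protocol
    {
      dpt = ""
      for (i = 6; i <= NF; i++) if ($i ~ /^dpt:/) dpt = substr($i, 5)
      if (dpt == "" || dpt == port) { print $1; found = 1; exit }
    }
    END { if (!found) print "NO-MATCH" }'
}

# report LISTING NMAP_OUTPUT
# For every port nmap shows as open, print what the chain does with it.
report() {
  printf '%s\n' "$2" |
    awk '$2 == "open" { split($1, a, "/"); print a[1], a[2] }' |
    while read -r port proto; do
      printf '%s/%s open-in-scan first-match=%s\n' \
        "$port" "$proto" "$(first_verdict "$1" "$proto" "$port")"
    done
}

report "$CHAIN_LISTING" "$NMAP_OUTPUT"
first_verdict "$CHAIN_LISTING" udp 111   # the listed DROP rules are tcp only
```

A port that is open in the scan while its first match is DROP means the scan's packets were never evaluated by this chain, for example a scan run on the firewall host itself rather than from the net zone. The `udp 111` call returns `NO-MATCH` because the three DROP rules cover TCP only, so UDP is left to later rules or the zone policy.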